ByteOS Network

CVE-2025-55709

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-6.5||MEDIUM

EPSS-0.04% / 12.53%

||

7 Day CHG+0.01%

Published-14 Aug, 2025 | 18:21

Updated-28 Apr, 2026 | 16:13

WordPress Visual Composer Website Builder Plugin < 45.15.0 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Visual Composer Visual Composer Website Builder visualcomposer allows Stored XSS.This issue affects Visual Composer Website Builder: from n/a through < 45.15.0.

Vendor-Visual Composer

Product-Visual Composer Website Builder

CWE ID-CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVE-2025-48276

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-6.5||MEDIUM

EPSS-0.14% / 34.10%

||

7 Day CHG~0.00%

Published-19 May, 2025 | 14:45

Updated-28 Apr, 2026 | 16:12

WordPress Visual Composer Website Builder plugin <= 45.11.0 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Visual Composer Visual Composer Website Builder visualcomposer allows Stored XSS.This issue affects Visual Composer Website Builder: from n/a through <= 45.11.0.

Vendor-Visual Composer

Product-Visual Composer Website Builder

CWE ID-CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVE-2025-46254

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-6.5||MEDIUM

EPSS-0.13% / 31.82%

||

7 Day CHG~0.00%

Published-22 Apr, 2025 | 09:53

Updated-28 Apr, 2026 | 16:12

WordPress Visual Composer Website Builder plugin <= 45.10.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Visual Composer Visual Composer Website Builder visualcomposer allows Stored XSS.This issue affects Visual Composer Website Builder: from n/a through <= 45.10.0.

Vendor-visualcomposer Visual Composer

Product-visual_composer_website_builder Visual Composer Website Builder

CWE ID-CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVE-2024-43263

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-6.5||MEDIUM

EPSS-0.16% / 35.86%

||

7 Day CHG~0.00%

Published-18 Aug, 2024 | 21:21

Updated-28 Apr, 2026 | 16:10

WordPress Visual Composer Starter theme <= 3.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Visual Composer Visual Composer Starter allows Stored XSS.This issue affects Visual Composer Starter: from n/a through 3.3.

Vendor-Visual Composer

Product-Visual Composer Starter

CWE ID-CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVE-2024-35653

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-6.5||MEDIUM

EPSS-0.16% / 35.89%

||

7 Day CHG~0.00%

Published-04 Jun, 2024 | 14:11

Updated-28 Apr, 2026 | 16:09

WordPress Visual Composer Website Builder, Landing Page Builder, Custom Theme Builder, Maintenance Mode & Coming Soon Pages plugin <= 45.8.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Visual Composer Visual Composer Website Builder visualcomposer.This issue affects Visual Composer Website Builder: from n/a through <= 45.8.0.

Vendor-visualcomposer Visual Composer

Product-visual_composer_website_builder Visual Composer Website Builder

CWE ID-CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVE-2024-27997

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-5.9||MEDIUM

EPSS-0.07% / 21.76%

||

7 Day CHG~0.00%

Published-19 Mar, 2024 | 16:49

Updated-28 Apr, 2026 | 16:09

WordPress Visual Composer plugin <= 45.6.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Visual Composer Visual Composer Website Builder visualcomposer.This issue affects Visual Composer Website Builder: from n/a through <= 45.6.0.

Vendor-Visual Composer

Product-Visual Composer Website Builder

CWE ID-CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Visual Composer

Source -

BOS Name -

CNA CVEs -

ADP CVEs -

CISA CVEs -

NVD CVEs -